+ Reply to Thread
Results 1 to 9 of 9
  1. Senior Member
    Join Date
    Sep 2016
    Location
    UK
    Posts
    142

    Certifications
    CompTIA Network+, MCP, MCTS: Windows 7
    #1

    Default How to get into pen testing?

    Hello all,

    I currently work in IT support but my career goal is to get into IT security especially pen testing.

    What skills are required to become an ethnical hacker? What certification path should I take?

    Many thanks.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    May 2006
    Posts
    2,029

    Certifications
    CISSP, CCSP, eJPT, ITIL,PA ACE,Qualys Certified Specialist, A+
    #2
    Study, study, study everything and anything. One of the big certifications is the below. If you want to be a pen tester, you should look at the below site. Learn Kali and Linux.
    https://www.offensive-security.com/
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Apr 2013
    Posts
    1,942
    #3
    More specifically the OSCP on the link above. There are other certs, and other ways of doing it but that's a completely hands on cert that is respected by people who know what it is. What's your network knowledge look like? You do realize you might spend a LOT of time writing reports?
    Reply With Quote Quote  

  5. Member
    Join Date
    May 2013
    Location
    Singapore
    Posts
    36

    Certifications
    Network+, MTA 98-349, MTA 98-365, SSCP, CHFI, eJPT
    #4
    Quote Originally Posted by Nisseki View Post
    Hello all,

    I currently work in IT support but my career goal is to get into IT security especially pen testing.

    What skills are required to become an ethnical hacker? What certification path should I take?

    Many thanks.
    Hi Nisseki,

    Look at your country's job portals and their requirements.

    For example, pen-testing in the UK might require that you obtain certifications from CREST.

    Work towards that, and learn as much as you can via other means.

    Whether it be studying certifications, setting up your own lab, obtaining approval from your management to perform pen-testing internally or boning up on different Red Team and Blue Team books.



    And most importantly, never lose sight of that goal.
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    969

    Certifications
    C****, C***, C**
    #5
    Agree with Nebula15, since you are in UK, you may want to look at CESG CHECK of which CREST is one of the approved certifications. They are bringing CREST certifications to Singapore and possibly making it a mandatory requirement for companies doing pen testing for banks. Which means you may get to enjoy a stint in sunny Singapore with your CREST certification.
    Reply With Quote Quote  

  7. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,363

    Certifications
    GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #6
    As others have said, certifications and OSCP is king. Lab and learn constantly. Consider adding a web-based certs like eWAPT from eLearnsecurity to complement OSCP
    Goal: GCFA (DONE), GPEN
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Sep 2016
    Location
    UK
    Posts
    142

    Certifications
    CompTIA Network+, MCP, MCTS: Windows 7
    #7
    Thanks for the advice.

    Now I know what certifications to go for. What skill set is required for a pen tester?

    I know strong networking knowledge is one of them. Any programming languages?

    Many thanks.
    Reply With Quote Quote  

  9. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #8
    I would think getting into Vulnerability Management would lead into Pentesting
    Reply With Quote Quote  

  10. Member
    Join Date
    Jan 2017
    Posts
    96
    #9
    I also have a strong networking background but I have been (programming wise) working with Python. Pretty strong in nmap usage which is also fun. Im also preparing for the OSCP.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks